Exemple #1
    async def add_vault_user(self, user_id: str, identity: Identity) -> Revision:
        """Sign an AddUser revision for the current vault and send it to the server.

        The revision carries the vault id, the id of the user being added and
        the parent revision id. It is signed with ``identity`` before anything
        is written to the connection.

        Raises:
            ValueError: if no vault is attached to this backend.
        """
        current_vault = self.vault
        if current_vault is None:
            raise ValueError("Invalid argument")

        add_rev = Revision(operation=RevisionOp.AddUser)
        add_rev.vault_id = current_vault.config.id
        add_rev.user_id = user_id
        add_rev.parent_id = current_vault.revision
        # sign() runs after every field above is set.
        # NOTE(review): which fields the signature covers is decided in
        # Revision.sign, not visible here — confirm.
        add_rev.sign(identity=identity)

        term_fields = (
            add_rev.user_id,
            add_rev.user_fingerprint,
            add_rev.parent_id,
            add_rev.signature,
        )
        await self.write_term('add_vault_user', *term_fields)

        # NOTE(review): no explicit status check happens in this method; an
        # error reply is only rejected if read_response or
        # server_info_to_revision does so — confirm.
        reply = await self.read_response()
        server_rev = self.server_info_to_revision(rewrite_atoms_dict(reply), current_vault)
        # The id and timestamp come from the server reply and are assigned
        # after sign() has already run.
        add_rev.revision_id = server_rev.revision_id
        add_rev.created_at = server_rev.created_at
        return add_rev
Exemple #2
    async def remove_user_vault_key(self, identity: Identity, user_id: str,
                                    user_identity: Identity) -> Revision:
        """Sign a RemoveUserKey revision for one of a user's keys and send it.

        Args:
            identity: identity that signs the revision.
            user_id: id of the user whose key is removed.
            user_identity: identity whose public key is being removed; only
                the public half is exported (DER).

        Raises:
            ValueError: if no vault is attached to this backend.
        """
        current_vault = self.vault
        if current_vault is None:
            raise ValueError("Invalid argument")

        self.logger.debug('Removing user vault key')

        key_rev = Revision(operation=RevisionOp.RemoveUserKey)
        key_rev.vault_id = current_vault.config.id
        key_rev.parent_id = current_vault.revision
        key_rev.user_id = user_id
        key_rev.user_public_key = user_identity.public_key.exportKey("DER")
        key_rev.sign(identity=identity)

        # Two fingerprints go out: the one of the key being removed and the
        # one recorded on the revision (presumably the signer's — confirm).
        term_fields = (
            user_id,
            key_rev.user_public_key,
            user_identity.get_fingerprint(),
            key_rev.user_fingerprint,
            key_rev.parent_id,
            key_rev.signature,
        )
        await self.write_term('remove_user_vault_key', *term_fields)

        # NOTE(review): no explicit status check happens in this method; an
        # error reply is only rejected if read_response or
        # server_info_to_revision does so — confirm.
        reply = await self.read_response()
        server_rev = self.server_info_to_revision(
            rewrite_atoms_dict(reply), current_vault)
        # Server-reported id and timestamp, assigned after sign().
        key_rev.revision_id = server_rev.revision_id
        key_rev.created_at = server_rev.created_at
        return key_rev
Exemple #3
    async def remove_user_vault_key(self, identity: Identity, user_id: str,
                                    user_identity: Identity) -> Revision:
        """Build, sign and upload a RemoveUserKey revision.

        ``identity`` signs the revision; ``user_identity`` supplies the public
        key (exported as DER) that is being removed for ``user_id``.

        Raises:
            ValueError: if no vault is attached to this backend.
        """
        attached = self.vault
        if attached is None:
            raise ValueError("Invalid argument")

        self.logger.debug('Removing user vault key')

        rev = Revision(operation=RevisionOp.RemoveUserKey)
        rev.vault_id = attached.config.id
        rev.parent_id = attached.revision
        rev.user_id = user_id
        # Only the public half of user_identity is exported.
        rev.user_public_key = user_identity.public_key.exportKey("DER")
        rev.sign(identity=identity)

        # Upload the revision metadata.
        await self.write_term(
            'remove_user_vault_key',
            user_id,
            rev.user_public_key,
            user_identity.get_fingerprint(),
            rev.user_fingerprint,
            rev.parent_id,
            rev.signature,
        )

        # NOTE(review): the reply status is not checked in this method —
        # confirm that read_response/server_info_to_revision reject errors.
        server_reply = await self.read_response()
        confirmed = self.server_info_to_revision(rewrite_atoms_dict(server_reply), attached)
        # Both values come from the server and are assigned after sign().
        rev.revision_id = confirmed.revision_id
        rev.created_at = confirmed.created_at
        return rev
Exemple #4
    async def add_vault_user(self, user_id: str,
                             identity: Identity) -> Revision:
        """Build, sign and upload an AddUser revision for ``user_id``.

        Raises:
            ValueError: if no vault is attached to this backend.
        """
        attached = self.vault
        if attached is None:
            raise ValueError("Invalid argument")

        rev = Revision(operation=RevisionOp.AddUser)
        rev.vault_id = attached.config.id
        rev.user_id = user_id
        rev.parent_id = attached.revision
        # Signing is the last step before the revision leaves the process.
        rev.sign(identity=identity)

        await self.write_term(
            'add_vault_user',
            rev.user_id,
            rev.user_fingerprint,
            rev.parent_id,
            rev.signature,
        )

        # NOTE(review): the reply status is not checked in this method —
        # confirm that read_response/server_info_to_revision reject errors.
        server_reply = await self.read_response()
        confirmed = self.server_info_to_revision(
            rewrite_atoms_dict(server_reply), attached)
        # Both values come from the server and are assigned after sign().
        rev.revision_id = confirmed.revision_id
        rev.created_at = confirmed.created_at
        return rev
Exemple #5
def generate_fake_revision(vault):
    """Return an unsigned SetMetadata revision filled with placeholder values.

    ``sign()`` is never called: the signature is the fixed literal ``b"12345"``
    and the fingerprint is ``"aabbcc"``, so the result will not pass any real
    signature verification. Presumably a test fixture — keep it out of
    production code paths.
    """
    fake = Revision(operation=RevisionOp.SetMetadata)
    placeholder_fields = {
        "vault_id": vault.id,
        "parent_id": vault.revision,
        "user_id": "user@localhost",
        "user_fingerprint": "aabbcc",
        "revision_metadata": b"123456",
        "signature": b"12345",
    }
    # Dicts keep insertion order, so attributes are set in the listed order.
    for attr_name, attr_value in placeholder_fields.items():
        setattr(fake, attr_name, attr_value)
    return fake
Exemple #6
    async def remove_vault_user(self, user_id: str, identity: Identity) -> Revision:
        """Sign a RemoveUser revision for ``user_id`` and pass it to add_revision."""
        # cast() only informs the type checker and performs no runtime check.
        # The original comment relies on a @require_vault decorator (not
        # visible in this excerpt) to rule out self.vault being None.
        current_vault = cast(Vault, self.vault)

        logger.info("Remove user %s", user_id)

        removal = Revision(operation=RevisionOp.RemoveUser)
        removal.vault_id = current_vault.config.id
        removal.parent_id = current_vault.revision
        removal.user_id = user_id
        removal.sign(identity=identity)

        # NOTE(review): returned without await; correct only if add_revision
        # is synchronous — confirm.
        stored = self.add_revision(removal)
        return stored
Exemple #7
    async def remove_user_vault_key(self, identity: Identity, user_id: str,
                                    user_identity: Identity):
        """Sign a RemoveUserKey revision and pass it to add_revision.

        ``identity`` signs the revision; the public key of ``user_identity``
        (DER export, public half only) is the key being removed for
        ``user_id``.
        """
        # cast() only informs the type checker and performs no runtime check.
        # The original comment relies on a @require_vault decorator (not
        # visible in this excerpt) to rule out self.vault being None.
        current_vault = cast(Vault, self.vault)

        logger.info("Removing user vault key %s", user_id)

        key_removal = Revision(operation=RevisionOp.RemoveUserKey)
        key_removal.vault_id = current_vault.config.id
        key_removal.parent_id = current_vault.revision
        key_removal.user_public_key = user_identity.public_key.exportKey('DER')
        key_removal.user_id = user_id
        key_removal.sign(identity=identity)

        # NOTE(review): returned without await; correct only if add_revision
        # is synchronous — confirm.
        stored = self.add_revision(key_removal)
        return stored
Exemple #8
    async def remove_vault_user(self, user_id: str,
                                identity: Identity) -> Revision:
        """Create a signed RemoveUser revision and hand it to add_revision."""
        # No runtime None check: cast() is for the type checker only. The
        # original comment names @require_vault (not shown here) as the guard.
        vault_ref = cast(Vault, self.vault)

        logger.info("Remove user %s", user_id)

        rev = Revision(operation=RevisionOp.RemoveUser)
        rev.vault_id = vault_ref.config.id
        rev.parent_id = vault_ref.revision
        rev.user_id = user_id
        # All fields are set before sign() is called.
        rev.sign(identity=identity)

        result = self.add_revision(rev)
        return result
Exemple #9
    async def remove_user_vault_key(self, identity: Identity, user_id: str,
                                    user_identity: Identity):
        """Create a signed RemoveUserKey revision and hand it to add_revision.

        The revision names ``user_id`` and embeds the DER export of
        ``user_identity``'s public key; ``identity`` is the signer.
        """
        # No runtime None check: cast() is for the type checker only. The
        # original comment names @require_vault (not shown here) as the guard.
        vault_ref = cast(Vault, self.vault)

        logger.info("Removing user vault key %s", user_id)

        rev = Revision(operation=RevisionOp.RemoveUserKey)
        rev.vault_id = vault_ref.config.id
        rev.parent_id = vault_ref.revision
        # Public half only; no private key material is read here.
        rev.user_public_key = user_identity.public_key.exportKey('DER')
        rev.user_id = user_id
        rev.sign(identity=identity)

        result = self.add_revision(rev)
        return result
Exemple #10
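    async def remove_file(self, bundle: Bundle, identity: Identity) -> Revision:
        """Record the deletion of ``bundle`` as a signed RemoveFile revision.

        Args:
            bundle: bundle to delete; its ``store_hash`` must be set.
            identity: identity used to sign the revision.

        Raises:
            AssertionError: if ``bundle.store_hash`` is falsy.
        """
        # cast() only informs the type checker and performs no runtime check.
        # The original comment relies on a @require_vault decorator (not
        # visible in this excerpt) to rule out self.vault being None.
        vault = cast(Vault, self.vault)

        # Explicit raise instead of `assert`: assert statements are stripped
        # under `python -O`, which would let a revision with an empty file
        # hash be signed and appended. The exception type is kept so existing
        # callers see the same failure.
        if not bundle.store_hash:
            raise AssertionError("bundle.store_hash is not set")

        logger.info("Deleting %s", bundle)

        revision = Revision(operation=RevisionOp.RemoveFile)
        revision.vault_id = vault.config.id
        revision.parent_id = vault.revision
        # NOTE(review): hard-coded placeholder; the revision is not attributed
        # to the signer's real user id — confirm this is intended.
        revision.user_id = "user@localhost"
        revision.file_hash = bundle.store_hash
        revision.sign(identity=identity)

        return self.add_revision(revision)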
Exemple #11
    async def create_vault(self, identity: Identity) -> Revision:
        """Register the current vault with the server via a signed CreateVault revision.

        Sends the vault and user public keys (DER), the user fingerprint and
        the signature, then stores the vault id and auth token from the reply
        in the vault config.

        Raises:
            ValueError: if no vault is attached to this backend.
            ServerError: if the reply carries an empty vault id or auth token.
        """
        target_vault = self.vault
        if target_vault is None:
            raise ValueError("Invalid argument")

        create_rev = Revision(operation=RevisionOp.CreateVault)
        create_rev.vault_public_key = target_vault.identity.public_key.exportKey("DER")
        create_rev.user_public_key = identity.public_key.exportKey("DER")
        create_rev.user_id = '*****@*****.**' # TBD in the original: placeholder user id
        create_rev.sign(identity=identity)

        term_fields = (
            create_rev.vault_public_key,
            create_rev.user_public_key,
            create_rev.user_fingerprint,
            create_rev.signature,
        )
        await self.write_term('create_vault', *term_fields)

        reply = await self.read_term()

        # NOTE(review): the reply is indexed positionally with no length, type
        # or status check; a short or malformed reply surfaces as IndexError /
        # AttributeError rather than ServerError.
        vault_id = reply[1].decode(target_vault.config.encoding)
        auth = reply[2].decode(target_vault.config.encoding)
        server_info = rewrite_atoms_dict(reply[3])

        if not vault_id:
            raise ServerError("Invalid vault ID: {0}".format(vault_id))

        if not auth:
            raise ServerError("Invalid auth token: {0}".format(auth))

        # The vault id is assigned after sign() has already run.
        create_rev.vault_id = vault_id

        confirmed = self.server_info_to_revision(server_info, target_vault)
        create_rev.revision_id = confirmed.revision_id
        create_rev.created_at = confirmed.created_at

        self.logger.info('Successfully created vault %s', vault_id)

        # The auth token is persisted in the vault config.
        # NOTE(review): confirm where that config lives and who can read it.
        with target_vault.config.update_context():
            target_vault.config.update('remote', {'auth': auth})
            # Same bytes as vault_id above, decoded a second time.
            target_vault.config.update(
                'vault', {'id': reply[1].decode(target_vault.config.encoding)})

        return create_rev
Exemple #12
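    async def remove_file(self, bundle: Bundle,
                          identity: Identity) -> Revision:
        """Create a signed RemoveFile revision for ``bundle`` and hand it to add_revision.

        Args:
            bundle: bundle to delete; its ``store_hash`` must be set.
            identity: identity used to sign the revision.

        Raises:
            AssertionError: if ``bundle.store_hash`` is falsy.
        """
        # No runtime None check: cast() is for the type checker only. The
        # original comment names @require_vault (not shown here) as the guard.
        vault = cast(Vault, self.vault)

        # Raised explicitly because `assert` disappears under `python -O`;
        # without the check a revision with an empty file hash would be
        # signed and appended. AssertionError is kept for compatibility.
        if not bundle.store_hash:
            raise AssertionError("bundle.store_hash is not set")

        logger.info("Deleting %s", bundle)

        revision = Revision(operation=RevisionOp.RemoveFile)
        revision.vault_id = vault.config.id
        revision.parent_id = vault.revision
        # NOTE(review): hard-coded placeholder; the revision is not attributed
        # to the signer's real user id — confirm this is intended.
        revision.user_id = "user@localhost"
        revision.file_hash = bundle.store_hash
        revision.sign(identity=identity)

        return self.add_revision(revision)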
Exemple #13
    async def set_vault_metadata(self, identity: Identity) -> Revision:
        """Write the vault's encrypted metadata to disk and record it in a signed revision.

        The metadata is written to ``<self.path>/metadata`` and also embedded
        in a SetMetadata revision that is signed with ``identity``.
        """
        # cast() only informs the type checker and performs no runtime check.
        # The original comment relies on a @require_vault decorator (not
        # visible in this excerpt) to rule out self.vault being None.
        current_vault = cast(Vault, self.vault)

        metadata_path = os.path.join(self.path, "metadata")
        source = current_vault.encrypted_metadata_reader()
        sink = FileWriter(metadata_path, create_dirs=True)
        pipeline = source >> sink
        await pipeline.consume()

        # NOTE(review): a second reader is created here. If the encryption is
        # randomised per reader, the bytes on disk and the bytes in the signed
        # revision can differ — confirm.
        encrypted_blob = await current_vault.encrypted_metadata_reader().readall()

        meta_rev = Revision(operation=RevisionOp.SetMetadata)
        meta_rev.vault_id = current_vault.config.id
        meta_rev.parent_id = current_vault.revision
        # NOTE(review): hard-coded placeholder rather than the signer's id.
        meta_rev.user_id = "user@localhost"
        meta_rev.revision_metadata = encrypted_blob
        meta_rev.sign(identity)

        stored = self.add_revision(meta_rev)
        return stored
Exemple #14
    async def set_vault_metadata(self, identity: Identity) -> Revision:
        """Persist the encrypted vault metadata and sign a SetMetadata revision for it."""
        # No runtime None check: cast() is for the type checker only. The
        # original comment names @require_vault (not shown here) as the guard.
        vault_ref = cast(Vault, self.vault)

        target = os.path.join(self.path, "metadata")
        reader = vault_ref.encrypted_metadata_reader()
        to_disk = reader >> FileWriter(target, create_dirs=True)
        await to_disk.consume()

        # NOTE(review): the metadata is produced a second time for the
        # revision; whether both reads yield identical ciphertext depends on
        # encrypted_metadata_reader — confirm.
        blob = await vault_ref.encrypted_metadata_reader().readall()

        rev = Revision(operation=RevisionOp.SetMetadata)
        rev.vault_id = vault_ref.config.id
        rev.parent_id = vault_ref.revision
        # NOTE(review): hard-coded placeholder rather than the signer's id.
        rev.user_id = "user@localhost"
        rev.revision_metadata = blob
        rev.sign(identity)

        result = self.add_revision(rev)
        return result
Exemple #15
    async def create_vault(self, identity: Identity) -> Revision:
        """Create the vault on the server with a signed CreateVault revision.

        The user id on the revision is the ``email`` field of
        ``self.user_info()``. On success the vault id and auth token from the
        reply are written to the vault config.

        Raises:
            ValueError: if no vault is attached to this backend.
            ServerError: if the reply carries an empty vault id or auth token.
        """
        attached = self.vault
        if attached is None:
            raise ValueError("Invalid argument")

        rev = Revision(operation=RevisionOp.CreateVault)
        rev.vault_public_key = attached.identity.public_key.exportKey("DER")
        rev.user_public_key = identity.public_key.exportKey("DER")
        account = await self.user_info()
        rev.user_id = account['email']
        rev.sign(identity=identity)

        await self.write_term(
            'create_vault',
            rev.vault_public_key,
            rev.user_public_key,
            rev.user_fingerprint,
            rev.signature,
        )

        server_reply = await self.read_term()

        # NOTE(review): positional indexing with no length, type or status
        # check; a malformed reply raises IndexError / AttributeError instead
        # of ServerError.
        vault_id = server_reply[1].decode(attached.config.encoding)
        auth = server_reply[2].decode(attached.config.encoding)
        server_info = rewrite_atoms_dict(server_reply[3])

        if not vault_id:
            raise ServerError("Invalid vault ID: {0}".format(vault_id))

        if not auth:
            raise ServerError("Invalid auth token: {0}".format(auth))

        # Assigned after sign() has already run.
        rev.vault_id = vault_id

        confirmed = self.server_info_to_revision(server_info, attached)
        rev.revision_id = confirmed.revision_id
        rev.created_at = confirmed.created_at

        self.logger.info('Successfully created vault %s', vault_id)

        # The auth token is persisted in the vault config.
        # NOTE(review): confirm where that config lives and who can read it.
        with attached.config.update_context():
            attached.config.update('remote', {'auth': auth})
            # Same bytes as vault_id above, decoded a second time.
            attached.config.update(
                'vault', {'id': server_reply[1].decode(attached.config.encoding)})

        return rev
Exemple #16
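    async def init(self, identity: Identity) -> Revision:
        """Initialise local storage and record a signed CreateVault revision.

        If the vault config has no ``vault.id`` yet, a fresh UUID4 is generated
        and stored. The CreateVault revision uses the id that ends up in the
        config, so the revision and the config always agree.

        Args:
            identity: identity whose public key is recorded and that signs the
                revision.
        """
        # cast() only informs the type checker and performs no runtime check.
        # The original comment relies on a @require_vault decorator (not
        # visible in this excerpt) to rule out self.vault being None.
        vault = cast(Vault, self.vault)

        # Reuse an already configured id. Previously a fresh UUID was always
        # put on the revision, even when the config kept its existing id, so
        # the signed CreateVault revision could name a different vault than
        # the config.
        vault_id = vault.config.get("vault.id")
        if not vault_id:
            vault_id = str(uuid4())
            with vault.config.update_context():
                vault.config.update("vault", {"id": vault_id})

        await self.open()  # create directory

        # Create the txchain store. "wb" truncates an existing file.
        # NOTE(review): confirm init is never run against a vault that already
        # has a revision chain on disk.
        with open(os.path.join(self.path, "txchain"), "wb"):
            pass

        revision = Revision(operation=RevisionOp.CreateVault)
        revision.vault_id = vault_id
        # NOTE(review): hard-coded placeholder rather than the signer's id.
        revision.user_id = "user@localhost"
        revision.vault_public_key = vault.identity.public_key.exportKey("DER")
        revision.user_public_key = identity.public_key.exportKey("DER")
        revision.sign(identity=identity)

        return self.add_revision(revision)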
Exemple #17
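    async def init(self, identity: Identity) -> Revision:
        """Set up the local store and add a signed CreateVault revision.

        A new UUID4 vault id is generated and written to the config only when
        the config has none. The revision carries whichever id the config
        holds afterwards.

        Args:
            identity: identity whose public key is recorded and that signs the
                revision.
        """
        # No runtime None check: cast() is for the type checker only. The
        # original comment names @require_vault (not shown here) as the guard.
        vault = cast(Vault, self.vault)

        # Keep revision and config consistent: the earlier code signed a
        # revision with a freshly generated id even when the config already
        # had (and kept) a different one.
        vault_id = vault.config.get("vault.id")
        if not vault_id:
            vault_id = str(uuid4())
            with vault.config.update_context():
                vault.config.update("vault", {"id": vault_id})

        await self.open()  # create directory

        # Create the txchain store. Mode "wb" empties an existing file.
        # NOTE(review): confirm init cannot be called on a vault that already
        # has a chain on disk.
        with open(os.path.join(self.path, "txchain"), "wb"):
            pass

        revision = Revision(operation=RevisionOp.CreateVault)
        revision.vault_id = vault_id
        # NOTE(review): hard-coded placeholder rather than the signer's id.
        revision.user_id = "user@localhost"
        revision.vault_public_key = vault.identity.public_key.exportKey("DER")
        revision.user_public_key = identity.public_key.exportKey("DER")
        revision.sign(identity=identity)

        return self.add_revision(revision)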